/*
 AMENDMENTS:
 DATE          NAME        VERSION     DESCRIPTION
--------       -----       -------     -----------
 21/01/2009    KCF       	1.0.0       1.UpdateSecAccess.java : Add Update Security Access for Security Group.
*/
package com.mbbmap.security.action;

import java.util.ArrayList;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
	
import com.mbbmap.app.EbppKeys;
import com.mbbmap.app.dao.SysLogDao;
import com.mbbmap.app.home.SecAccessHome;
import com.mbbmap.app.home.SecGroupHome;
import com.mbbmap.app.home.SysLogHome;
import com.mbbmap.app.manager.ConfigManager;
import com.mbbmap.security.dao.SecAccessDao;
import com.mbbmap.security.dao.SecModulesDao;
import com.mbbmap.util.Constants;
import com.mbbmap.util.EncryptionHelper;
import com.mbbmap.util.SecAccessHelper;
//import com.eremit.app.cus.business.comparator.*;
//20071204 : Added by Michael


/**
 *
 */
public final class UpdateSecAccessAction extends CommonDispatchAction {

    final String moduleCode = "SEC003";
    
  /**
   * Account list
   */
  public ActionForward init(ActionMapping mapping,
    ActionForm form, HttpServletRequest request,
    HttpServletResponse response) throws Exception {
	String moduleCode = "SEC003";
    HttpSession session = request.getSession(false);
	ArrayList arlSecGroupList = new ArrayList();
	ArrayList arlSecModuleList = new ArrayList();
	ArrayList secGroupAccessList = new ArrayList();
	String strESelectedGroupCode ="";
	String strEMerchant = (String) session.getAttribute(Constants.MERCHANT_KEY);
	String strMerchant = "";
	if ((strEMerchant != null) && (!strEMerchant.equals(""))){
		//strMerchant= EncryptionHelper.decrypt(strEMerchant,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strMerchant= strEMerchant;
	}else{
		strMerchant = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	if(!isTokenValid(request)){
		System.out.println("Token validation failed!");
		session.invalidate();
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}else{
		resetToken(request);
		System.out.println("Token validation passed!");
	}
	
	boolean accessAllow = SecAccessHelper.isAccessAllow(moduleCode, request);
	
	System.out.println("The access level is "+accessAllow);
	accessAllow = true;
	System.out.println("Changing the access level to "+accessAllow);
	
	if (!accessAllow) {
        return mapping.findForward(Constants.KEY_ACTION_MAPPING_ERR);
    }

	arlSecGroupList = SecGroupHome.getInstance().findSecGroupList(strMerchant);
	session.setAttribute(Constants.SECURITY_GROUP, arlSecGroupList);
	arlSecModuleList = SecGroupHome.getInstance().findSecModuleList(strMerchant);
	session.setAttribute(Constants.SECURITY_MODULE, arlSecModuleList);
	session.setAttribute(Constants.SELECTED_ACCESS_LIST, secGroupAccessList);
	session.setAttribute(Constants.SELECTED_SEC_GRP, strESelectedGroupCode);


    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
  }

  /**
   * Get Security Group Access list
   */
  public ActionForward getGroup(ActionMapping mapping,
    ActionForm form, HttpServletRequest request,
    HttpServletResponse response) throws Exception {

    HttpSession session = request.getSession(false);
	String strSelectedGroupCode ="";
	String strESelectedGroupCode = request.getParameter("selaccessgrp");

	ArrayList arlSecGroupList = new ArrayList();
	ArrayList arlSecModuleList = new ArrayList();
	ArrayList arlFilterSecModuleList = new ArrayList();
	ArrayList secGroupAccessList = new ArrayList();
	String strEMerchant = (String) session.getAttribute(Constants.MERCHANT_KEY);
	String strMerchant = "";
	if ((strEMerchant != null) && (!strEMerchant.equals(""))){
		//strMerchant= EncryptionHelper.decrypt(strEMerchant,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strMerchant= strEMerchant;
	}else{
		strMerchant = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	if(!isTokenValid(request)){
		System.out.println("Token validation failed!");
		session.invalidate();
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}else{
		resetToken(request);
		System.out.println("Token validation passed!");
	}
	arlSecGroupList = SecGroupHome.getInstance().findSecGroupList(strMerchant);
	arlSecModuleList = SecGroupHome.getInstance().findSecModuleList(strMerchant);

	if ((strESelectedGroupCode != null) && (!strESelectedGroupCode.equals(""))){
		strSelectedGroupCode= sanitize(EncryptionHelper.decrypt(strESelectedGroupCode,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE)));
		secGroupAccessList = SecAccessHome.getInstance().findSecGroupAccessList(strMerchant,strSelectedGroupCode);
		//This for loop is to get the Module Name of the Access Module.
		for(int i=0;i<secGroupAccessList.size();i++){
			SecAccessDao secaccessDao = (SecAccessDao)secGroupAccessList.get(i);
			String tmpModuleCode = "";
			tmpModuleCode = secaccessDao.getModuleCode();
			if (tmpModuleCode != null && !tmpModuleCode.equals("")){
				for(int j=0;j<arlSecModuleList.size();j++){
					SecModulesDao secmoduleDao = (SecModulesDao)arlSecModuleList.get(j);
					if (secmoduleDao.getmoduleCode().equals(tmpModuleCode)){
						secaccessDao.setModuleName(secmoduleDao.getmoduleName());
					}
				}
			}
		}
		//This loop is to get the Filter Security Module List.
		for(int k=0;k<arlSecModuleList.size();k++){
			SecModulesDao secmoduleDao = (SecModulesDao)arlSecModuleList.get(k);
			String tmpModuleCode = secmoduleDao.getmoduleCode();
			int iFound = 0;
			for(int i=0;i<secGroupAccessList.size();i++){
				SecAccessDao secaccessDao = (SecAccessDao)secGroupAccessList.get(i);
				if (secaccessDao.getModuleCode().equals(tmpModuleCode)){
					iFound = 1;
				}
			}
			if (iFound == 0){
				arlFilterSecModuleList.add(secmoduleDao);
			}
		}
		arlSecModuleList = new ArrayList();
		arlSecModuleList = arlFilterSecModuleList;
	}else{
		strSelectedGroupCode = "";
		strESelectedGroupCode = "";
	}
	session.setAttribute(Constants.SECURITY_GROUP, arlSecGroupList);
	session.setAttribute(Constants.SECURITY_MODULE, arlSecModuleList);
	session.setAttribute(Constants.SELECTED_ACCESS_LIST, secGroupAccessList);
	session.setAttribute(Constants.SELECTED_SEC_GRP, strESelectedGroupCode);
    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
  }

  /**
   * Add Security Group Access list
   */
  public ActionForward addGroupAccess(ActionMapping mapping,
    ActionForm form, HttpServletRequest request,
    HttpServletResponse response) throws Exception {

    final String PROG_ID="UpdateSecAccessAction.addGroupAccess";
    HttpSession session = request.getSession(false);
	System.out.println("UpdateSecAccessAction.java: addGroupAccess");

	String strEMerchant = (String) session.getAttribute(Constants.MERCHANT_KEY);
	System.out.println("UpdateSecGroupAction.java: getGroup strEMerchant : " + strEMerchant);
	String strMerchant = "";
	if ((strEMerchant != null) && (!strEMerchant.equals(""))){
		//strMerchant= EncryptionHelper.decrypt(strEMerchant,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strMerchant= strEMerchant;
	}else{
		strMerchant = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	if(!isTokenValid(request)){
		System.out.println("Token validation failed!");
		session.invalidate();
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}else{
		resetToken(request);
		System.out.println("Token validation passed!");
	}
	String strEncryptedUID = (String) session.getAttribute(Constants.LOGINID);
	System.out.println("UpdateSecGroupAction.java: updgroup strEMerchant : " + strEMerchant);
	String strLoginID = "";
	if ((strEncryptedUID != null) && (!strEncryptedUID.equals(""))){
		//strLoginID= EncryptionHelper.decrypt(strEncryptedUID,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strLoginID= strEncryptedUID;
	}else{
		strLoginID = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	
	boolean accessAllow = SecAccessHelper.isAccessAllow(moduleCode, request);
	if (!accessAllow) {
        return mapping.findForward(Constants.KEY_ACTION_MAPPING_ERR);
    }

	String roleCode =(String) session.getAttribute(Constants.LOGON_USER_ROLE);
	if (roleCode == null || roleCode.trim().equals("")) {
	    return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}


	ArrayList arlSecGroupList = new ArrayList();
	ArrayList arlSecModuleList = new ArrayList();
	ArrayList arlFilterSecModuleList = new ArrayList();
	ArrayList secGroupAccessList = new ArrayList();

	arlSecGroupList = SecGroupHome.getInstance().findSecGroupList(strMerchant);
	arlSecModuleList = SecGroupHome.getInstance().findSecModuleList(strMerchant);

	String strSelectedGroupCode = "";
	String strESelectedGroupCode = "";
	strESelectedGroupCode = request.getParameter("selaccessgrp");

	String strSelectedModuleCode = "";
	String strESelectedModuleCode = "";
	strESelectedModuleCode = request.getParameter("accessmodule");

	String strReadFlag = "";
	strReadFlag = sanitize(request.getParameter("readflag"));

	String strUpdateFlag = "";
	strUpdateFlag = sanitize(request.getParameter("updateflag"));

	String strWriteFlag = "";
	strWriteFlag = sanitize(request.getParameter("writeflag"));

	System.out.println("UpdateSecAccessAction.java: addGroupAccess strESelectedGroupCode : " + strESelectedGroupCode);
	if ((strESelectedGroupCode == null) || (strESelectedGroupCode.equals(""))){
	    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
	}
	System.out.println("UpdateSecAccessAction.java: addGroupAccess strESelectedModuleCode : " + strESelectedModuleCode);
	if ((strESelectedModuleCode == null) || (strESelectedModuleCode.equals(""))){
	    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
	}
	System.out.println("UpdateSecAccessAction.java: addGroupAccess strReadFlag : " + strReadFlag);
	if ((strReadFlag == null) || (strReadFlag.equals(""))){
	    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
	}
	System.out.println("UpdateSecAccessAction.java: addGroupAccess strUpdateFlag : " + strUpdateFlag);
	if ((strUpdateFlag == null) || (strUpdateFlag.equals(""))){
	    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
	}
	System.out.println("UpdateSecAccessAction.java: addGroupAccess strWriteFlag : " + strWriteFlag);
	if ((strWriteFlag == null) || (strWriteFlag.equals(""))){
	    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
	}

	// Activity log
	SysLogDao sysLogDao = new SysLogDao();
	sysLogDao.setActivityCode(Constants.ACT_CODE_SECURITY);
	sysLogDao.setAcctID(strMerchant);
	sysLogDao.setActivityName(PROG_ID);
	sysLogDao.setUserID(strLoginID);
	sysLogDao.setRole(roleCode);
	sysLogDao.setStatus(Constants.ACT_STATUS_SUCCESS);
	
	String strRetUpdate = "";
	if ((strESelectedGroupCode != null) && (!strESelectedGroupCode.equals(""))){
		strSelectedGroupCode= sanitize(EncryptionHelper.decrypt(strESelectedGroupCode,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE)));
		if ((strESelectedModuleCode != null) && (!strESelectedModuleCode.equals(""))){
			strSelectedModuleCode= sanitize(EncryptionHelper.decrypt(strESelectedModuleCode,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE)));
			sysLogDao.setUserField1("Selected Group Code="+strSelectedGroupCode + ", Add Module Code=" 
			        + strSelectedModuleCode );
			
			strRetUpdate = SecAccessHome.getInstance().addSecGroupAccessList(strMerchant,strSelectedGroupCode,strSelectedModuleCode,strReadFlag,strUpdateFlag,strWriteFlag,strLoginID);
			if (!strRetUpdate.equals(Constants.DB_YES)) {
			    sysLogDao.setStatus(Constants.ACT_STATUS_FAIL_GENERAL);
			}
			System.out.println("UpdateSecAccessAction: InsertSysLog");
			}
		SysLogHome.getInstance().insertSysLog(sysLogDao);
	}
	if ((strESelectedGroupCode != null) && (!strESelectedGroupCode.equals(""))){
		strSelectedGroupCode= sanitize(EncryptionHelper.decrypt(strESelectedGroupCode,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE)));
		secGroupAccessList = SecAccessHome.getInstance().findSecGroupAccessList(strMerchant,strSelectedGroupCode);
		//This for loop is to get the Module Name of the Access Module.
		for(int i=0;i<secGroupAccessList.size();i++){
			SecAccessDao secaccessDao = (SecAccessDao)secGroupAccessList.get(i);
			String tmpModuleCode = "";
			tmpModuleCode = secaccessDao.getModuleCode();
			if (tmpModuleCode != null && !tmpModuleCode.equals("")){
				for(int j=0;j<arlSecModuleList.size();j++){
					SecModulesDao secmoduleDao = (SecModulesDao)arlSecModuleList.get(j);
					if (secmoduleDao.getmoduleCode().equals(tmpModuleCode)){
						secaccessDao.setModuleName(secmoduleDao.getmoduleName());
					}
				}
			}
		}
		//This loop is to get the Filter Security Module List.
		for(int k=0;k<arlSecModuleList.size();k++){
			SecModulesDao secmoduleDao = (SecModulesDao)arlSecModuleList.get(k);
			String tmpModuleCode = secmoduleDao.getmoduleCode();
			int iFound = 0;
			for(int i=0;i<secGroupAccessList.size();i++){
				SecAccessDao secaccessDao = (SecAccessDao)secGroupAccessList.get(i);
				if (secaccessDao.getModuleCode().equals(tmpModuleCode)){
					iFound = 1;
				}
			}
			if (iFound == 0){
				arlFilterSecModuleList.add(secmoduleDao);
			}
		}
		arlSecModuleList = new ArrayList();
		arlSecModuleList = arlFilterSecModuleList;
	}else{
		strSelectedGroupCode = "";
		strESelectedGroupCode = "";
	}

	System.out.println("UpdateSecGroupAction.java: getGroup strSelectedGroupCode : " + strSelectedGroupCode);
	System.out.println("UpdateSecGroupAction.java: getGroup strMerchant : " + strMerchant);

	session.setAttribute(Constants.SECURITY_GROUP, arlSecGroupList);
	session.setAttribute(Constants.SECURITY_MODULE, arlSecModuleList);
	session.setAttribute(Constants.SELECTED_ACCESS_LIST, secGroupAccessList);
	session.setAttribute(Constants.SELECTED_SEC_GRP, strESelectedGroupCode);
    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
  }


  /**
   * Remove Security Group Access list
   * @updated by: Luiz Santos
   * @date: 12/14/2013
   */
  public ActionForward remAccess(ActionMapping mapping,
    ActionForm form, HttpServletRequest request,
    HttpServletResponse response) throws Exception {

    final String PROG_ID="UpdateSecAccessAction.remAccess";
    HttpSession session = request.getSession(false);
	System.out.println("UpdateSecAccessAction.java: remAccess");

	String strEMerchant = (String) session.getAttribute(Constants.MERCHANT_KEY);
	System.out.println("UpdateSecAccessAction.java: remAccess strEMerchant : " + strEMerchant);
	String strMerchant = "";
	if ((strEMerchant != null) && (!strEMerchant.equals(""))){
		//strMerchant= EncryptionHelper.decrypt(strEMerchant,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strMerchant= strEMerchant;
	}else{
		strMerchant = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	if(!isTokenValid(request)){
		System.out.println("Token validation failed!");
		session.invalidate();
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}else{
		resetToken(request);
		System.out.println("Token validation passed!");
	}
	String strEncryptedUID = (String) session.getAttribute(Constants.LOGINID);
	System.out.println("UpdateSecAccessAction.java: remAccess strEMerchant : " + strEMerchant);
	String strLoginID = "";
	if ((strEncryptedUID != null) && (!strEncryptedUID.equals(""))){
		//strLoginID= EncryptionHelper.decrypt(strEncryptedUID,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	    strLoginID= strEncryptedUID;
	}else{
		strLoginID = "";
		return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}
	
	boolean accessAllow = SecAccessHelper.isAccessAllow(moduleCode, request);
	
	if (!accessAllow) {
        return mapping.findForward(Constants.KEY_ACTION_MAPPING_ERR);
    }

	String roleCode =(String) session.getAttribute(Constants.LOGON_USER_ROLE);
	if (roleCode == null || roleCode.trim().equals("")) {
	    return mapping.findForward(Constants.KEY_ACTION_SESSION_ERR);
	}

	ArrayList arlSecGroupList = new ArrayList();
	ArrayList arlSecModuleList = new ArrayList();
	ArrayList arlFilterSecModuleList = new ArrayList();
	ArrayList secGroupAccessList = new ArrayList();

	arlSecGroupList = SecGroupHome.getInstance().findSecGroupList(strMerchant);
	arlSecModuleList = SecGroupHome.getInstance().findSecModuleList(strMerchant);

	String strSelectedGroupCode = "";
	String strESelectedGroupCode = "";
	strESelectedGroupCode = request.getParameter("selaccessgrp");

	String strSelectedModuleCode = "";
	String strESelectedModuleCode = "";
	strESelectedModuleCode = request.getParameter("sremmodule");

	System.out.println("UpdateSecAccessAction.java: addGroupAccess strESelectedGroupCode : " + strESelectedGroupCode);
	if ((strESelectedGroupCode == null) || (strESelectedGroupCode.equals(""))){
	    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
	}
	System.out.println("UpdateSecAccessAction.java: addGroupAccess strESelectedModuleCode : " + strESelectedModuleCode);
	if ((strESelectedModuleCode == null) || (strESelectedModuleCode.equals(""))){
	    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
	}

	// Activity log
	SysLogDao sysLogDao = new SysLogDao();
	sysLogDao.setActivityCode(Constants.ACT_CODE_SECURITY);
	sysLogDao.setAcctID(strMerchant);
	sysLogDao.setActivityName(PROG_ID);
	sysLogDao.setUserID(strLoginID);
	sysLogDao.setRole(roleCode);
	sysLogDao.setStatus(Constants.ACT_STATUS_SUCCESS);
	
	String strRetUpdate = "";
	if ((strESelectedGroupCode != null) && (!strESelectedGroupCode.equals(""))){
		strSelectedGroupCode= sanitize(EncryptionHelper.decrypt(strESelectedGroupCode,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE)));
		if ((strESelectedModuleCode != null) && (!strESelectedModuleCode.equals(""))){
			strSelectedModuleCode= sanitize(EncryptionHelper.decrypt(strESelectedModuleCode,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE)));
			sysLogDao.setUserField1("Selected Group Code="+strSelectedGroupCode + ", Remove Module Code=" 
			        + strSelectedModuleCode);

			strRetUpdate = SecAccessHome.getInstance().remSecGroupAccess(strMerchant,strSelectedGroupCode,strSelectedModuleCode,strLoginID);
			if (!strRetUpdate.equals(Constants.DB_YES)) {
			    sysLogDao.setStatus(Constants.ACT_STATUS_FAIL_GENERAL);
			}
			SysLogHome.getInstance().insertSysLog(sysLogDao);
		}
	}
	if ((strESelectedGroupCode != null) && (!strESelectedGroupCode.equals(""))){
		strSelectedGroupCode= sanitize(EncryptionHelper.decrypt(strESelectedGroupCode,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE)));
		secGroupAccessList = SecAccessHome.getInstance().findSecGroupAccessList(strMerchant,strSelectedGroupCode);
		//This for loop is to get the Module Name of the Access Module.
		for(int i=0;i<secGroupAccessList.size();i++){
			SecAccessDao secaccessDao = (SecAccessDao)secGroupAccessList.get(i);
			String tmpModuleCode = "";
			tmpModuleCode = secaccessDao.getModuleCode();
			if (tmpModuleCode != null && !tmpModuleCode.equals("")){
				for(int j=0;j<arlSecModuleList.size();j++){
					SecModulesDao secmoduleDao = (SecModulesDao)arlSecModuleList.get(j);
					if (secmoduleDao.getmoduleCode().equals(tmpModuleCode)){
						secaccessDao.setModuleName(secmoduleDao.getmoduleName());
					}
				}
			}
		}
		//This loop is to get the Filter Security Module List.
		for(int k=0;k<arlSecModuleList.size();k++){
			SecModulesDao secmoduleDao = (SecModulesDao)arlSecModuleList.get(k);
			String tmpModuleCode = secmoduleDao.getmoduleCode();
			int iFound = 0;
			for(int i=0;i<secGroupAccessList.size();i++){
				SecAccessDao secaccessDao = (SecAccessDao)secGroupAccessList.get(i);
				if (secaccessDao.getModuleCode().equals(tmpModuleCode)){
					iFound = 1;
				}
			}
			if (iFound == 0){
				arlFilterSecModuleList.add(secmoduleDao);
			}
		}
		arlSecModuleList = new ArrayList();
		arlSecModuleList = arlFilterSecModuleList;
	}else{
		strSelectedGroupCode = "";
		strESelectedGroupCode = "";
	}

	System.out.println("UpdateSecAccessAction.java: addGroupAccess strSelectedGroupCode : " + strSelectedGroupCode);
	System.out.println("UpdateSecAccessAction.java: addGroupAccess strMerchant : " + strMerchant);

	session.setAttribute(Constants.SECURITY_GROUP, arlSecGroupList);
	session.setAttribute(Constants.SECURITY_MODULE, arlSecModuleList);
	session.setAttribute(Constants.SELECTED_ACCESS_LIST, secGroupAccessList);
	session.setAttribute(Constants.SELECTED_SEC_GRP, strESelectedGroupCode);
    return mapping.findForward(Constants.KEY_ACTION_SUCCESS);
  }

}
